multi master primary nameserver.
Kevin Darcy
kcd at chrysler.com
Mon Feb 8 23:16:56 UTC 2010
On 2/5/2010 5:41 PM, fddi wrote:
> Hello I wanted to ask how could be possible in some way
> to have 2 or more multi master name servers authoritative for one domain,
> instead of the classical master slave model.
>
First of all, in technical terms, both masters and slaves are considered
"authoritative" for a zone, so there is in fact no distinction to be
made between "the classical master slave model" and "2 or more [...]
name servers authoritative for one domain". If you hadn't put the word
"multi" in your question, then more people would have probably pointed
that out to you.
With the word "multi" in there, however, it was obvious that there was a
genuine question lurking underneath the not-quite-technically-correct
jargon.
But, given the diverse responses to your post, it seems that different
people interpreted your question in different ways. Let me see if I can
clarify:
Interpretation #1: "multi master name servers authoritative for one
domain" = multiple BIND instances with the same zone defined as "type
master", only 1 (at most) of them allowing Dynamic Update requests from
clients
Yes, this is doable. You'd need to designate one of them as the
"primary" master, which would also be the one to allow Dynamic Updates
(if desired), then have an out-of-band mechanism (e.g. rsync, as
mentioned) for transferring the zone contents over to the other
"master"s periodically and/or whenever it changes, along with a way to
tell the receiving nameservers to reload the zone from the transferred
file (e.g. "rndc reload"). Alternatively, as one responder suggested,
and as many commercial products implement, have the updates made to
something other than a BIND instance (e.g. a relational database), and
then have a mechanism whereby the zone contents are "published" or
"pushed" from that non-BIND source to all of the BIND instances, which
are defined as "type master".
Interpretation #2: "multi master name servers authoritative for one
domain" = multiple BIND instances capable of accepting Dynamic Update
requests from clients
Interpretation #2a: not fault tolerant, i.e. the failure of a particular
BIND instance would cause all of the Dynamic Updates made for the
duration of its outage to be lost
Yes, this is also doable. Define one as "type master" and the
others as "type slave", with update forwarding enabled
Interpretation #2b: fault tolerant
Barely doable, or, arguably, not doable at all (depending on
concurrency/consistency requirements). You'd need to define them all as
"type master", allowing Dynamic Updates, and then have some sort of
"reconciliation" process to bring them all into sync with each other
periodically, bearing in mind that the updates might actually conflict
with each other (e.g. adding and deleting the same record within the
same reconciliation interval). You could resolve conflicting updates
based on something like timestamp (thus raising a requirement of tight
time synchronization between your BIND instances), on the identity of
the nameserver which received the request, the identity of the client,
or some other relevant attribute. There is, to my knowledge, no standard
governing how "inconsistent" zone contents *should* be reconciled, so
basically you can pick whatever mechanism or convention you feel is best
in your environment. Note also that if a given "master" receives a
Dynamic Update request which contains a *prerequisite*, e.g. "add this
name only if this other name exists", then you may find that the update
is spuriously rejected or accepted, because even though the prerequisite
may be satisfied *somewhere*, the data on which it bases its acceptance
or rejection, might not have sync'ed to that particular BIND instance
yet. These spurious acceptances/rejections can lead to unexpected and
perhaps undesirable behavior in the client or may be detrimental to the
cleanliness and/or consistency of your DNS data.
Theoretically, I suppose you could have something transparently redirect
Dynamic Update requests aimed at your BIND instances, to some non-BIND
backend database, which would process them and then publish/push the
results out to the BIND instances. From a BIND perspective, this would
be Interpretation #1, even though it would it would appear to clients
like Interpretation #2. In the fault-tolerant variant, you'd still have
the challenge of reconciling conflicting updates, however, but that
would be something that the non-BIND database or its supporting
software/algorithms would need to handle.
- Kevin
More information about the bind-users
mailing list